[LLVMdev] New Certificate Installed; llvm.org Back Up; Issues Linger

John Criswell criswell at illinois.edu
Tue Jun 28 13:56:00 PDT 2011


Dear All,

The good news is that the new llvm.org SSL certificate is installed and 
appears to be configured correctly.

The bad news is that some machines seem to recognize the intermediate 
SSL certificate (which is apparently used to sign the SSL certificates 
UIUC buys starting this year) while others do not.  In particular, our 
internal Linux machines show no errors, while our Macs and llvm.org's 
SVN client do.

If you see this error message:

Error validating server certificate for 'https://llvm.org:443':
  - The certificate is not issued by a trusted authority. Use the
    fingerprint to validate the certificate manually!
Certificate information:
  - Hostname: llvm.org
  - Valid: from Tue, 21 Jun 2011 00:00:00 GMT until Fri, 20 Jun 2014 
23:59:59 GMT
  - Issuer: InCommon, Internet2, US
  - Fingerprint: 3e:a5:0e:1c:c8:fb:71:41:06:71:e8:ac:fc:c5:be:97:4a:21:01:2e
(R)eject, accept (t)emporarily or accept (p)ermanently?

... then your client is not happy with the intermediate SSL certificate, 
but you should be able to accept the certificate and continue using SVN.

I've decided to keep the new SSL certificate installed since a cert that 
works for some (hopefully most) LLVM users is better than an expired 
cert that flags a warning for everyone (Tanya, if you disagree, please 
feel free to revert the change).  In the meantime, I'll talk to the IT 
people who renewed our certificate and see if they know what's causing 
this issue.

Sorry for the inconvenience.

-- John T.








More information about the llvm-dev mailing list